Delete consumer session
After using the API's protected endpoints, the session object has fulfilled its purpose and the initially granted session key SHOULD be permanently revoked. To do this, the same valid Api-Key as in the initial session request MUST be sent in the HTTP request headers. The Session-Key to be revoked MUST be sent as HTTP request path parameter.
The identifier of the deleted session object is returned from the remote service as data id together with the data type: session and other attribute–value pairs in the JSON response body.
Request endpoint
DELETE SERVER:PORT/api/sessions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXXResponse status
200Request headers
Accept:application/vnd.api+json
Content-Type:application/vnd.api+json
Api-Key:KKKKKKKK-KKKK-KKKK-KKKK-KKKKKKKKKKKK
Session-Key:SSSSSSSS-SSSS-SSSS-SSSS-SSSSSSSSSSSSResponse headers
Transfer-Encoding:chunked
Connection:keep-alive
Accept:application/vnd.api+json
Cache-Control:no-cache
Date:Tue, 19 Mar 2024 12:57:48 GMT
Content-Type:application/vnd.api+json
Server:nginx/1.25.4Request body
# intentionally blankResponse body
{
"links": {
"self": "/api/sessions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
},
"data": [
{
"attributes": {
"note": "A session note",
"client": "172.18.0.1",
"agent": "HTTP.jl/1.8.5",
"timestamps": {
"granted": "2024-03-19T12:52:00.266Z",
"revoked": "2024-03-19T12:57:48.883Z"
},
"limits": {
"maxTokens": 100000,
"maxDigits": 100,
"minTokens": 1000,
"minDigits": 3
}
},
"id": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
"type": "session"
}
]
}HTTPie example
$ http delete SERVER:PORT/api/sessions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX Accept:application/vnd.api+json Content-Type:application/vnd.api+json Api-Key:KKKKKKKK-KKKK-KKKK-KKKK-KKKKKKKKKKKK Session-Key:SSSSSSSS-SSSS-SSSS-SSSS-SSSSSSSSSSSS